Security

Security & Data Flow

Last updated: July 12, 2026

This page describes how Corpusly is designed to work today. A few low-level specifics — exact OAuth scope strings and on-disk locations — are being finalised ahead of public release and will be documented here as they land.

Corpusly is built so your documents stay on your own machine. This page explains where your data lives, what leaves your device, and the controls you have. For the formal policy, see our Privacy Policy.

Where your data lives

When you use Corpusly, your Google Drive content is streamed, indexed, and embedded entirely on your own machine. The resulting file text, embeddings, and search index are stored locally on your device. There is no Corpusly server that receives, stores, or processes your documents — no hosted document store and no hosted vector database.

What Corpusly reads from Google Drive

Corpusly requests read-only access to your Google Drive, for the sole purpose of reading and indexing your files locally so your assistant can search them. It cannot modify, move, or delete anything in your Drive.

Corpusly's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

What is shared with your AI assistant

Corpusly connects to AI assistants (for example, Claude Desktop or Claude Code) over the Model Context Protocol (MCP). When you ask your assistant a question, Corpusly returns only the passages relevant to that question, and those passages are sent to the assistant through your existing connection so it can answer. Only the content your assistant requests is shared, and only with the assistant you have configured.

Those assistants are operated by third parties under their own terms and privacy policies, which govern how they handle the content you send them. Corpusly does not control those services and is not responsible for their data practices.

Credentials and tokens

You sign in with Google to grant read-only access. Your Google authorization token is stored in your operating system's keychain rather than in plain application files, and your document data never leaves your device except as described above.

Analytics and cookies

This website loads no analytics until you opt in through the cookie banner. If you accept, Google Analytics 4 collects standard, aggregate usage data (such as pages viewed) to help us improve the site. You can withdraw consent at any time using the Cookie choices link in the footer, which removes those cookies and stops analytics from loading.

Deleting your data and disconnecting

Because your data lives on your device, you stay in control of it. You can disconnect at any time by signing out of Google in the app, which revokes its access going forward, and by deleting the app's local data — its index, embeddings, and cached authorization. You can also review or revoke Corpusly's access from your Google Account's security settings.

Is Corpusly open source?

The embedding model Corpusly uses to understand your documents is open source and runs locally on your machine. Corpusly itself is a proprietary product.

Scope and limitations

Corpusly protects your documents by keeping them — and the index built from them — on your device. It does not control how the AI provider you choose processes or retains the passages you send it, and the security of your own device and Google account remains your responsibility. No method of storage or transmission is completely secure, and we cannot guarantee absolute security.

Questions

Security questions or reports? Email hello@corpusly.ai.